want monitor datalink
Fancy network switches allow one to designate a port as a "monitoring" port. This port will then get a copy of all packets (depends on exact config) for network analysis tools to inspect.
It would be nice to be able to create a "vnic" that acts as a bridge as far as inbound packets are concerned, and as a black hole as far as outbound packets are concerned. In other words, say we do:
# dladm create-vnic -l e1000g0 net0
# dladm create-vnic -l e1000g0 net1
# dladm create-monitor -l e1000g0 mon0
Then, we pass the mon0 link to a zone/kvm/whatever. Any packet that is sent or received via e1000g0 will get sent to mon0 as well. Any packet originating from mon0 is simply dropped.
This will allow monitoring software to have access to all the packets without a risk of them accidentally sending packets of their own. (Perhaps the ro/rw nature of the interface could be toggled via a linkprop.)